Simulated attacks on water supply

Next story
Olivia Storey/James Pavett

New research from the Georgia Institute of Technology has created a custom-made form of malware to show a simulation of how ransomware can target and shut down industrial systems.

The malware attack on the simulated water treatment plant highlights how cyber-attacks could disrupt key services for any household services such as energy, water, heating.

The simulation showed a hostile takeover of three different devices via a number of common programmable logic controllers (PLCs) often found in industrial plants. Using these PLCs, they combined them with pumps, tubes and tanks to create the simulation. They tested the security of these, including password protections and if malicious changes could be made undetected.

The cyber security researchers found it no challenge for the malware family to take down the core infrastructure. The research team added iodine and starch to the water supply – turning it bright blue. This showed that the ‘hackers’ had control of the water systems, and then they simulated an attack using ransomware, closing and locking systems down.

Once all systems were closed, they were able to hold the utility hostage and threaten to dump life-threatening amounts of chlorine into the water supplies, which if real life could potentially poison entire cities.

Mark James, ESET IT Security Specialist, talks about the benefits of simulations like these.

“I think any threat that can have real world consequences is something that needs to be addressed and monitored closely.

“A lot of the malware we see and hear about is designed in such a way that it spreads and propagates looking for viable targets.

“However, targeted malware is very different.

“Usually that malware is configured and aimed at a particular industry or sector, with so much of our industry digitally operated or maintained this could prove in its worst case scenario very bad indeed.

“The same rules apply to any area that may be the target of ransomware, it has to be installed and it has to be able to gain complete control.

“With the right levels of security we can limit its attack vector and have mechanical failsafe’s to override anything software can instigate.

“All environments in our digital world are susceptible to attack and need to be protected. Making sure operating systems, applications and security programs are kept up-to-date, are some of the first lines of defence.”


Do you think ransomware is the biggest cyber threat to 2017? Let us know on Twitter @ESETUK.


Join the ESET UK LinkedIn Group and stay up to date with the blog. If you are interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.